Juho wrote:
Yes, security might force us to use simpler solutions like ballots to be
similar, votes to be shorter (e.g. only two or three rankings allowed),
and even to reduce the number of candidates. The latter two
simplifications are already vote buying / coercion oriented.
Security might also force us to more complex solutions like having
districts to limit the number of available candidates. Otherwise the
voter might be asked to vote for some candidate from the other side of
the country that nobody is expected to vote.
One more approach to semi-computerized voting. A computer displays the
personal alternatives and then prints a ballot. This solution hides the
personalized nature of the ballot and still avoids the problem of voter
voting for candidates that he/she should not vote.
One could augment the semi-computerized voting by making it print all
candidates, but randomly order (last behind all others) the ones that
are not applicable to the districts. Then the ballots would have to be
examined more closely in order to figure out what house is its center.
That's not to say it would make it impervious to such attacks: the
random ordering might easily have "... > DistantCommunistA >
DistantRightWingerA > DistantCommunistB > ..." because the randomizer
doesn't know (and can't know) what's "reasonable". Filling out the
random-last with a Markov simulation of other ballots would be more
"reasonable", but that'd require a postprocessing step and it might mess
with the proportionality, so I don't think that would be worth it.
However we look at it, we return to the problem that ranked ballots can
be fingerprinted. The only solution I can see for that is to have a
summable system and add the individual ballot in matrix (or array)
format instead of ballot format. But most PR methods are not summable!
Are there other ways of preventing ranked ballot fingerprinting?
----
Election-Methods mailing list - see http://electorama.com/em for list info